Yegor Timoshenko is a user on mastodon.social. You can follow them or interact with them if you have an account anywhere in the fediverse. If you don't, you can sign up here.

Yegor Timoshenko @yegortimoshenko@mastodon.social

@micahflee This is basically for the same reason: no validation on packets whatsoever. Packets that cause the key to be unimportable are clearly not RFC-compliant, but SKS still accepts those packets.

@micahflee Another SKS bug. Anyone can make a key unimportable: try `gpg --keyserver pgp.mit.edu --recv-keys 0x4F3F50786C401DCE`, it will fail. Also see pgp.mit.edu/pks/lookup?op=vind

@todd Welcome! I really like my Librem 13 so far :-)

is seeing a takeover attempt by main developer's business partner. Here is a repo with some of the tweets and documents that have been since taken down: gitlab.com/yegortimoshenko/cop

Apparently, there is a tamper-resistant (unlike Tomu) free hardware U2F token. Unfortunately, firmware requires a proprietary tool for build.

u2fzero.com/
github.com/conorpp/u2f-zero

Reflashing my hardware GPG token (FST-01) with Gnuk 1.2.9 after a botched firmware upgrade :-(

Usually this requires a proprietary SWD debugger like ST-Link/V2. @gniibe@identi.ca has recently implemented bbg-swd, a SWD debugger on top of OpenOCD that runs on BeagleBoard devices using PRUSS (auxiliary real-time processors on TI SoCs).

I'm using PocketBeagle and some Dupont wires. Hope this would work without any soldering.

I am a NixOS developer and prism-break.org maintainer who feels strongly about free software, hardware, and society.